Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5hOItO3RjsNoztCL_H1c5naichA.roa
File: 5hOItO3RjsNoztCL_H1c5naichA.roa (raw, json)
Hash identifier: kJKMxR+Oeqe4oXp+9RzS8pkNUZz5dN76t8sFLYB9Zms=
Subject key identifier: E6:13:88:B4:ED:D1:8E:C3:68:CE:D0:8B:FC:7D:5C:E6:76:A2:72:10
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0195A54EF45800216B75AD6DE8855984956E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5hOItO3RjsNoztCL_H1c5naichA.roa
Signing time: Mon 17 Mar 2025 18:12:49 +0000
ROA not before: Mon 17 Mar 2025 18:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:86cf:630c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a5:4e:f4:58:00:21:6b:75:ad:6d:e8:85:59:84:95:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Mar 17 18:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e61388b4edd18ec368ced08bfc7d5ce676a27210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:75:0e:b4:ef:61:93:dc:6d:bf:24:b2:7d:9f:
c1:c6:f6:ee:21:f6:83:8c:24:0d:ee:51:2f:e1:40:
25:c7:f3:a0:5c:68:28:4c:b3:15:ec:2f:2a:61:d8:
f6:54:c1:d0:94:db:07:09:22:57:5d:0a:0f:3a:b7:
0f:56:3a:c6:dc:ea:65:f8:da:79:81:d7:53:55:e5:
62:c1:a6:86:20:7c:bd:d7:55:6a:96:93:08:97:32:
4f:b1:ae:b8:be:3d:83:36:b8:9c:1f:68:0c:84:44:
be:aa:c9:9c:d7:33:99:ff:d9:92:62:8c:ae:00:3f:
09:3b:f5:a6:3c:1f:1c:b6:89:c6:80:cd:17:19:9a:
0b:82:09:8c:44:20:05:74:0d:4e:fd:cb:5a:b9:7b:
61:52:f6:3a:55:c0:04:01:7a:67:b9:27:76:5b:32:
be:b8:88:be:2d:72:75:c2:46:ad:bf:d6:d3:8b:3b:
01:df:b4:07:47:a0:8e:51:5e:0a:0b:84:bf:d3:36:
76:46:33:d1:f8:99:c4:a4:65:c1:d3:20:5e:e5:2c:
17:d9:70:ff:86:6b:a7:3c:00:28:07:7b:bc:57:2d:
80:39:cc:cc:e3:27:03:fd:db:21:04:78:3b:e7:1c:
4e:b0:f5:b8:6a:1f:5f:e3:c6:44:e3:3a:ee:3a:6f:
0e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:13:88:B4:ED:D1:8E:C3:68:CE:D0:8B:FC:7D:5C:E6:76:A2:72:10
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/5hOItO3RjsNoztCL_H1c5naichA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:86cf:630c/128
Signature Algorithm: sha256WithRSAEncryption
31:7d:30:64:e0:8e:2a:83:00:7b:64:23:16:12:c1:43:56:74:
6e:af:ca:06:dc:cf:eb:08:85:6d:f1:1d:fd:11:b0:0d:a1:b4:
17:db:9a:4b:aa:b8:03:cb:44:c6:3a:5f:15:00:b0:51:eb:02:
47:4d:4e:c5:1b:75:a0:73:23:12:2a:08:b0:1b:da:3f:09:ed:
36:45:aa:c8:2e:4e:91:bf:62:ea:91:46:1d:ab:9b:16:3a:7f:
41:45:7f:72:17:35:8e:47:1d:73:bd:8a:46:9d:29:ef:d5:48:
a2:b0:a0:66:8d:97:ca:62:d9:74:53:53:48:ff:fe:bf:65:ef:
52:8c:55:53:40:1b:08:7b:9e:a2:37:81:16:75:ad:37:a6:ae:
2f:1a:64:e2:c9:66:d3:48:45:09:e8:62:8a:e4:15:c9:2b:36:
6d:f4:6c:b8:55:d4:1c:a2:0a:03:74:0b:25:1c:7b:f6:a4:87:
72:0a:e7:c9:e6:5c:86:bc:ff:be:eb:45:1c:c2:79:93:8d:ed:
32:e6:96:52:27:7c:4c:af:0b:73:cb:fd:93:19:8c:70:f6:71:
99:35:6f:5e:e3:35:15:8a:e7:8b:ab:0d:d5:87:f0:be:8f:7a:
72:b6:d2:50:ad:e4:67:c0:27:40:26:e1:b5:4c:1a:e5:b8:14:
1a:72:4d:bd
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZWlTvRYACFrda1t6IVZhJVuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMzE3MTgxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjEzODhiNGVkZDE4ZWMzNjhjZWQwOGJmYzdkNWNlNjc2YTI3MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHUOtO9hk9xtvySyfZ/BxvbuIfaD
jCQN7lEv4UAlx/OgXGgoTLMV7C8qYdj2VMHQlNsHCSJXXQoPOrcPVjrG3Opl+Np5
gddTVeViwaaGIHy911VqlpMIlzJPsa64vj2DNricH2gMhES+qsmc1zOZ/9mSYoyu
AD8JO/WmPB8ctonGgM0XGZoLggmMRCAFdA1O/ctauXthUvY6VcAEAXpnuSd2WzK+
uIi+LXJ1wkatv9bTizsB37QHR6COUV4KC4S/0zZ2RjPR+JnEpGXB0yBe5SwX2XD/
hmunPAAoB3u8Vy2AOczM4ycD/dshBHg75xxOsPW4ah9f48ZE4zruOm8OgwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOYTiLTt0Y7DaM7Qi/x9XOZ2onIQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvNWhPSXRPM1Jqc05venRDTF9IMWM1bmFpY2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVhs9jDDANBgkqhkiG9w0BAQsFAAOCAQEAMX0wZOCOKoMAe2QjFhLBQ1Z0
bq/KBtzP6wiFbfEd/RGwDaG0F9uaS6q4A8tExjpfFQCwUesCR01OxRt1oHMjEioI
sBvaPwntNkWqyC5Okb9i6pFGHaubFjp/QUV/chc1jkcdc72KRp0p79VIorCgZo2X
ymLZdFNTSP/+v2XvUoxVU0AbCHueojeBFnWtN6auLxpk4slm00hFCehiiuQVySs2
bfRsuFXUHKIKA3QLJRx79qSHcgrnyeZchrz/vutFHMJ5k43tMuaWUid8TK8Lc8v9
kxmMcPZxmTVvXuM1FYrni6sN1Yfwvo96crbSUK3kZ8AnQCbhtUwa5bgUGnJNvQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:50:45 2025 by rpki-client